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REMARKS 

This is a full and timely response to the outstanding final Office Action mailed 
January 16, 2004. Upon entry of the amendments in this response, claims 1 - 40 remain 
pending. Reconsideration and allowance of the application and presently pending claims are 
respectfully requested. 

I. Claims 1 - 40 are Patentable Over the Cited Art 

The Office Action rejects claims 1 - 30 under 35 U.S.C. § 103(a) as being unpatentable 
over U.S. Patent No. 6,289,462 to McNabb et al. ("the '462 patent") in view of U.S. Patent 
No. 5,784,463 to Chen et al ("the '463 patent"). The Office Action rejects claims 3 1-40 
under 35 U.S.C. § 103(a) as being unpatentable over the '462 patent and the £ 463 patent and 
further in view of U.S. Patent No. 5,560,008 to Johnson et al ("the '008 patent"). 

Applicants respectfully submit that the rejection of claims 1-40 under §103 should 
be withdrawn for any of the following reasons, each of which are separately discussed below: 

(1) the '463 patent cannot be used as a basis for this rejection 
because it is improper nonanalogous prior art that cannot 
legally be relied on for a rejection under 35 U.S.C. §103; 

(2) the Office Action fails to establish a prima facie case of 
obviousness because, even assuming for the sake of 
argument that the '463 patent can be relied on as a basis for 
a rejection under §103, the Examiner has not established 
the proper suggestion or motivation to combine the '462 
patent and the '463 patent in the manner suggested; and 

(3) the Office Action fails to establish a prima facie case of 
obviousness because, even assuming for the sake of 
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argument that the 4 463 patent is proper analogous art AND 
a proper suggestion or motivation to combine has been 
established, the combined teachings of the c 462 patent and 
the '463 patent do not teach all of the claim limitations. 

A. The Rejection of Claims 1 - 40 is Legally Deficient Because the '463 Patent Cannot 
Be Used as a Basis for a Rejection Under 35 U.S.C. §103 Because the References is 
Nonanalogous Prior Art 

Applicants respectfully submit that the rejection of claims 1 - 40 is improper, and 
therefore should be withdrawn and the claims be allowed, because the '463 patent is improper 
"nonanalogous art" that may not legally be relied upon to support a prima facie case of 
obviousness. In order to rely on a reference as a basis for rejection of an applicant's 
invention, the reference must be analogous art. In other words, the reference must be either in 
the field of applicant's endeavor or, if not, then be reasonably pertinent to the particular 
problem with which the inventor was concerned. MPEP §2 14 1.0 1(a); See, In re Oetiker, 977 
F.2d 1443, 1446, 24 USPQ2d 1443, 1445 (Fed. Cir. 1992); In re Deminski, 796 F.2d 436, 230 
USPQ 313 (Fed. Cir. 1986); In re Clay, 966 F.2d 656, 659, 23 USPQ2d 1058, 1060-61 (Fed. 
Cir. 1992); Wang Laboratories Inc. v. Toshiba Corp., 993 F.2d 858, 26 USPQ2d 1767 (Fed. 
Cir. 1993). 

The '462 patent relates to a trusted compartmentalized computer operating system 
(O/S) on a web server for controlling access to the execution of the software processes. The 
trusted O/S provides an added layer of security in two ways: by attaching additional security 
attributes to each of the O/S components {e.g., files, processes, data packets); and by 
extending the security checks to use the new attributes. Col. 9, 11. 5-10. When a process 
makes a request to "call" or "execute" a program stored in a file, the O/S compares the 
attributes of the process to the attributes of the file where the program is stored, in order to 
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see if the process will be allowed to run the program. The additional security attributes (e.g., 
"sensitivity label") are used by the O/S to allow greater control over which programs are 
available. For example, the trusted O/S includes an "authorization database" that is used to 
see if the user running the process can access or execute the requested program. Col. 9, 11. 40 
- 50. Therefore, the '462 patent is mainly related to the field of O/S functionality and the 
problems associated with securely controlling access to software processes to be executed via 
the O/S. 

Unlike the '462 patent, the '463 patent is completely unrelated to the field of O/S 
functionality. Rather, the '463 patent relates to a process for authenticating users (e.g., clients 
10) that attempt to gain access to an application server 25 over a communications network 5. 
The authentication process of the '463 patent involves a very specific implementation of a 
public/private key cryptosystem. Col. 2, 11. 52 - 56. The authentication process of the '463 
patent involves an authentication server 20 which is assigned a private key and a 
corresponding public key by a token issuer or by a certification authority/key management 
agency 35. Col. 4, 11. 32 - 34. "Tokens" are distributed to users (i.e., clients 10) during a 
registration process. Each token has embedded therein a public key of the token issuer or 
certification authority. Without going into unnecessary detail, Applicants note that much of 
the disclosure of the '463 patent involves a detailed description of the 
verification/authentication schemes (illustrated in Figs. 3 & 4) between clients 10 and 
authentication server 25 using the tokens and the cryptography associated with the 
public/private keying. 

Therefore, it is clear that the '463 patent is totally unrelated to O/S functionality for 
controlling access to the execution of software processes via an O/S. Furthermore, one of 
ordinary skill in the art of operating systems would not look for functional enhancements in 
the field of cryptography. In fact, Applicants respectfully submit that such solutions are not 
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disclosed at all in the '463 patent. Therefore, Applicants respectfully assert that the '463 
patent is improper "nonanalogous art" that may not be relied upon to support a rejection 
under §103. Accordingly, Applicants respectfully request that the rejection be withdrawn and 
claims 1 - 40 be allowed. 

B. Prima Facie Case of Obviousness Not Established: No Suggestion or Motivation to 
Combine References as Suggested 

The rejection of claims 1 - 40 under 35 U.S.C. § 103(a) should be withdrawn because 
the Examiner has failed to establish a prima facie case of obviousness. In order to establish a 
prima facie case of obviousness by combining references, there must be some suggestion or 
motivation, either in the references themselves or in the knowledge generally available to one 
of ordinary skill, to modify the primary reference (the '462 patent) in the manner allegedly 
taught by the secondary reference (the '463 patent). See e.g., MPEP §§2142, 2143; In re 
Vaeck, 947 F.2d 488, 20 USPQ2d 1438 (Fed. Cir 1991); In re Fine, 837 F.2d 1071, 5 
USPQ2d 1596 (Fed. Cir. 1988); In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 
1992). Even though Applicants believe the §103 rejection is improper because the '463 
patent is unavailable "nonanalogous art," Applicants further submit that the Office Action 
fails to establish a proper motivation or suggestion to modify the alleged teaching of the '462 
patent with the alleged teaching of the '463 patent such as to render obvious claims 1 - 40. 

The Office Action rejects independent claims 1,11, and 21, as well as many other 
dependent claims, based on the same argument. Nonetheless, Applicants respectfully submit 
that the scope of these claims are not co-extensive. In the interests of brevity, however, 
Applicants address the similar rejection of all of the independent claims by pointing out the 
Examiner's failure to establish the proper suggestion or motivation to combine the operating 
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system of the '462 patent with the dynamic client configuration functionality of the '463 
patent. 

Specifically, the Office Action argues that the '462 patent discloses all of the elements 
of independent claims 1,11, and 21 except for a system call trap that modifies the plurality of 
attributes for the software process based on an executable environment attribute stored in 
association with the executable file. The Office Action alleges that the '463 patent teaches 
"the modifying of attributes associated with a process (dynamic configuration of the client, p6 
1 0 - 24) based on an executable environment attribute stored in association with the 
executable file (service entitlement from an access control database, Id.)." The Office Action 
further argues that it would have been obvious to combine the teachings of the '463 patent 
with the '462 patent because "the 'reconfiguration 5 of client attributes while maintaining the 
security would enable access to various protected applications through 'different or changing 
user entitlements' (Chen Abstract) at the same time as reducing user authentication-overhead 
while increasing flexibility for the user." 

It is well-established law that, in order to properly combine select elements from 
differing prior art sources, there must be some teaching or suggestion within the prior art to 
make the combination specifically claimed by the Appellant's invention. W. L. Gore & 
Associates, Inc. v. Garlock Thomas, Inc., 721 F.2d 1540, 1551 (Fed. Cir. 1983). More 
significantly, 

"The consistent criteria for determination of obviousness is 
whether the prior art would have suggested to one of ordinary 
skill in the art that this [invention] should be carried out and 
would have a reasonable likelihood of success, viewed in light 
of the prior art. ..." Both the suggestion and the expectation of 
success must be founded in the prior art y not in the 
applicant's disclosure... In determining whether such a 
suggestion can fairly be gleaned from the prior art, the full field 
of the invention must be considered; for the person of ordinary 
skill in the art is charged with knowledge of the entire body of 
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technological literature, including that which might lead away 
from the claimed invention." 

(Emphasis added) In re Dow Chemical Company, 837 F.2d 469, 473 (Fed. Cir. 1988). 

It has often been noted that, "[h]umans must work with old elements, most if not all of 
which will normally be found somewhere in an examination of the prior art." Connell v. 
Sears, Roebuck & Co., 122 F2d 1542, 1549, 220 U.S.P.Q. 193 (Fed. Cir. 1983). Furthermore, 
that features, even distinguishing features, are "disclosed" in the prior art is alone insufficient. 
As above indicated, it is common to find elements or features somewhere in the prior art. 
Moreover, most if not all elements perform their ordained and expected function. The test is 
whether the claimed invention as a whole, in light of all the teachings of the references in 
their entireties, would have been obvious to one of ordinary skill in the art at the time the 
invention was made. Id. 

In this regard, Applicant notes that there must not only be a suggestion to combine the 
functional or operational aspects of the combined references, but that the Federal Circuit also 
requires the prior art to suggest both the combination of elements and the structure resulting 
from the combination. Stiftung v. Renishaw PLC, 945 Fed.2d 1173 (Fed. Cir. 1991). 
Therefore, in order to sustain an obviousness rejection based upon a combination of any two 
or more prior art references, the prior art must properly suggest the desirability of combining 
the particular elements. 

Applicants respectfully submit that the purported motivation or suggestion provided 
by the Office Action is a classic example of impermissible hindsight reasoning based solely 
on Applicants' disclosure. In this regard, Applicants note that the purported motivation cited 
in the Office Action ("reducing user authentication-overhead while increasing flexibility for 
the user") is NOT in the '463 patent. The Office Action alleges that the suggestion or 
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motivation to combine the references is in the Abstract of the '463 patent. Specifically, the 
Office Action points to the Abstract and the recitation of the language "reconfiguration" and 
"different user entitlements" for the purported motivation. Applicants note that this cited 
language is the ONLY language actually contained in the Abstract which is used to support 
the allegation of the motivation or suggestion to combine the references. 

Applicants respectfully assert that this cited language is legally insufficient to meet the 
Examiner's prima facie burden of establishing a proper motivation or suggestion to combine 
the references. In this regard, Applicants respectfully assert that the cited language — 
"reconfiguration" and "different or changing user entitlements" ~ does not suggest the 
desirability of combining the trusted operating system of the '462 patent with the user 
authentication process of the '463 patent. The objective of the ' 462 patent is to create a 
trusted computer server that controls access to the execution of software processes called via 
the operating system. The '463 patent has nothing to do with operating system functionality. 
Rather, the objective of the '463 patent is to provide a method for authenticating a user (i.e., 
client computer) attempting to gain access to an application server 25 via a communications 
network 5. As mentioned above, the '463 patent merely suggests a user authentication 
scheme which employs public/private key cryptography for accessing the application servers. 
The '463 patent suggests nothing about operating system functionality. At best, the '463 
patent merely suggests the desirability of controlling user access to the application server via 
user entitlement database 30. 

Applicants note that the '463 patent does not say anything about a system call trap 
associated with an operating system kernel, which is configured to modify the attributes of the 
software process. Rather, the language "different or changing user entitlements" in the 
Abstract of the '463 patent merely refers to the functionality of reconfiguring the client token, 
after the client computer 10 has registered, with different user entitlements for different 
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software applications, different system, and/or different locations Col. 6 11. 1 - 20. In other 
words, the user entitlements may be reconfigured without the client computer 1 0 having to re- 
register. Thus, Applicants respectfully submit that this portion of the '463 patent cited by the 
Examiner does not suggest the desirability of modifying the trusted operating system of the 
'462 patent with the client reconfiguration functionality of the '463 patent. Accordingly, 
Applicants respectfully assert that the Office Action fails to establish a proper suggestion or 
motivation to combine the '462 patent and the '463 patent in the manner suggested. 
Applicants note that the improper combination of the '462 patent and the '463 patent is the 
basis for the rejection of all claims 1 - 40. Accordingly, Applicants respectfully submit that 
the rejection of claims 1 - 40 is improper and, therefore, request that the rejection be 
withdrawn and the claims be allowed. 

C. Prima Facie Case of Obviousness Not Established: Combination Fails to Teach All 
Elements 

Even assuming for the sake of argument that there is some proper suggestion or 
motivation to modify or combine the '462 patent and the '463 patent as the Examiner 
suggests, the combination of these references fails to disclose, teach, or suggest each and 
every element of independent claims 1,11, and 2 1 . For this additional reason, Applicants 
respectfully submit that the rejection of claims 1 - 40 is improper. MPEP §2143.03. 

Independent claims 1,11, and 2 1 include the feature/element of "modifying the 
plurality of attributes for the software process based on an executable environment attribute 
stored in association with the executable file." Independent claim 1 is directed to a system for 
establishing a secure execution environment for a software process executed by a program 
operating on a computer. Independent claim 1 recites "a system call trap associated with said 
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operating system kernel . . . configured to modify the plurality of attributes for the software 
process based on an executable environment attribute stored in association with said 
executable." Independent claim 1 1 is directed to a method for establishing a secure execution 
environment for a software process executed by a program operating on a computer. 
Independent claim 1 1 recites "modifying the plurality of attributes for the software process 
based on an executable environment attribute stored in association with the executable file." 
Independent claim 2 1 is directed to a computer-readable medium having a program for 
establishing a secure execution environment for a software process executed by a program 
operating on a computer. Independent claim 21 recites "logic for modifying the plurality of 
attributes for the software process based on an executable environment attribute stored in 
association with the executable file." 

The Office Action admits that the '462 patent does not disclose this feature. 
Furthermore, contrary to the assertion in the Office Action, Applicants respectfully submit 
that this feature is NOT disclosed, taught, or suggested by the '463 patent. As mentioned 
above, the '463 patent relates to a process for authenticating users (e.g., clients 10) that 
attempt to gain access to an application server 25 over a communications network 5. The 
'463 patent suggests nothing. about a system call trap associated with an operating system 
functionality. Moreover, the '463 patent suggests nothing about modifying the attributes for a 
software process to be executed based on an executable environment attribute stored in 
association with an executable file to be accessed by the software process. The Office Action 
alleges that this feature is taught in the Abstract of the '463 patent by the following 
description: "to provide for dynamic configuration of the client system to provide for different 
or changing user entitlements." Applicants respectfully submit that, at best, this description 
merely suggests the feature of changing the entitlements for a given user. In other words, the 
user entitlement database may suggest multiple levels of entitlements based on different 
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systems, different locations, and/or different software applications to be accessed via 
applications server 25. Col. 6, 11. 1 - 20. The '463 patent, however, clearly does not suggest 
modifying the attributes for the software process to be executed based on an executable 
environment attribute stored in association with an executable file to be accessed by the 
software process. 

Accordingly, and for at least this additional reason, Applicants respectfully submit that 
independent claims 1,11, and 21 are patentable over the '462 patent and the 6 463 patent and, 
therefore, should be allowed. Dependent claims 2-10 and 31-33 (which depend from 
independent claim 1), dependent claims 12-20 and 34 - 37 (which depend from independent 
claim 11), and dependent claims 22 - 30 and 38 - 40 (which depend from independent claim 
21), are allowable as a matter of law for at least the reason that they contain all features and 
elements of the corresponding independent claim. See, e.g., In re Fine, 837 F.2d 1071 (Fed. 
Cir. 1988). Accordingly, Applicants respectfully assert that a prima facie case of obviousness 
has not been established and request that the rejection of claims 1 - 40 be withdrawn and the 
claims be allowed. 
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CONCLUSION 



In light of the foregoing amendments and for at least the reasons set forth above, 
Applicant respectfully submits that all objections and/or rejections have been traversed, 
rendered moot, and/or accommodated, and that the pending claims 1 - 40 are in condition for 
allowance. Favorable reconsideration and allowance of the present application and all 
pending claims are hereby courteously requested. If, in the opinion of the Examiner, a 
telephonic conference would expedite the examination of this matter, the Examiner is invited to 
call the undersigned attorney at (770) 933-9500. 

Respectfully submitted, 



THOMAS, KAYDEN, 
HORSTEMEYER & RISLEY, L.L.P. 

100 Galleria Parkway N.W., Suite 1750 
Atlanta, Georgia 30339 
(770) 933-9500 




Adam E. Crall, Reg. No. 46,646 
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